特殊:Badtitle/NS100:Internet/ConnectionSharingDHCP3:修订间差异

来自Ubuntu中文
跳到导航跳到搜索
Wikibot留言 | 贡献
新页面: {{From|https://help.ubuntu.com/community/Internet/ConnectionSharingDHCP3}} {{Languages|UbuntuHelp:Internet/ConnectionSharingDHCP3}} == Introduction == This howto will share an internet co...
 
Wikibot留言 | 贡献
无编辑摘要
 
第6行: 第6行:
A DSL router is handling the DNS for the world wide web. The Ubuntu router gets the internet connection from eth0 and hands out DHCP assigned information to the connected PC's via eth1.
A DSL router is handling the DNS for the world wide web. The Ubuntu router gets the internet connection from eth0 and hands out DHCP assigned information to the connected PC's via eth1.
A Switch after the Ubuntu router is optional but recommened. If you require more than one PC to be connected to the internet you will need a switch. If you only want to connect one PC after the Ubuntu router you may use a crossover cable or if the NIC's are new a straight cable might work.
A Switch after the Ubuntu router is optional but recommened. If you require more than one PC to be connected to the internet you will need a switch. If you only want to connect one PC after the Ubuntu router you may use a crossover cable or if the NIC's are new a straight cable might work.
{{https://help.ubuntu.com/community/Internet/ConnectionSharingDHCP3?action=AttachFile&do=get&target=ConnectionSharingDHCP3_ver3.png%7D%7D
https://help.ubuntu.com/community/Internet/ConnectionSharingDHCP3?action=AttachFile&do=get&target=ConnectionSharingDHCP3_ver3.png
Note: This diagram was created with inkscape. If you want to edit it download the full file `ConnectionSharingDHCP3.svg` from: Attachments
Note: This diagram was created with inkscape. If you want to edit it download the full file `ConnectionSharingDHCP3.svg` from: Attachments
== Prerequisite ==
== Prerequisite ==

2008年10月19日 (日) 23:29的最新版本

{{#ifexist: :Internet/ConnectionSharingDHCP3/zh | | {{#ifexist: Internet/ConnectionSharingDHCP3/zh | | {{#ifeq: {{#titleparts:Internet/ConnectionSharingDHCP3|1|-1|}} | zh | | }} }} }} {{#ifeq: {{#titleparts:Internet/ConnectionSharingDHCP3|1|-1|}} | zh | | }}

Introduction

This howto will share an internet connection through a Ubuntu desktop or server via the DHCP3 Server package. This setup uses two ethernet cards which are routed through a Ubuntu box. Dynamic Host Configuration Protocol (DHCP) is a protocol used by networked devices (clients) to obtain the parameters necessary for operation in an Internet Protocol network. A DSL router is handling the DNS for the world wide web. The Ubuntu router gets the internet connection from eth0 and hands out DHCP assigned information to the connected PC's via eth1. A Switch after the Ubuntu router is optional but recommened. If you require more than one PC to be connected to the internet you will need a switch. If you only want to connect one PC after the Ubuntu router you may use a crossover cable or if the NIC's are new a straight cable might work. ConnectionSharingDHCP3?action=AttachFile&do=get&target=ConnectionSharingDHCP3_ver3.png Note: This diagram was created with inkscape. If you want to edit it download the full file `ConnectionSharingDHCP3.svg` from: Attachments

Prerequisite

Ubuntu installation

This howto has assumed that you have installed a ubuntu destop (any derivative) or server edition on a PC with the default network configuration.. The default installation automatically sets `eth0` to receive the necessary parameters from a DHCP server.

Network Cards

Its assumed that your ubuntu box has 2 NIC's card installed correctly

Testing

Test Network cards are functioning, test this by typing:

cat /proc/net/dev
Inter-| Receive | Transmit
face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed
lo: 16593 93 0 0 0 0 0 0 16593 93 0 0 0 0 0 0
eth0:119442353 80492 0 0 0 0 0 6 3346687 45001 0 0 0 0 0 0
eth1: 167944 2186 0 0 0 17 0 0 356626 2062 0 0 0 0 0 0

Errorlogs: Located at /var/log/syslog (if you get a fail on starting the DHCP server)

ifconfig

The `ifconfig` command is also another command that is usefull in fault finding

ifconfig

Server Configuration

Root User

In this howto all commands are done as a super user (aka su or root): Login "user", then enter command

sudo passwd root
Enter new UNIX password:
Retype new UNIX password:
su root
Password:

Network Interface Cards

DHCP Server

Install

First install the dhcp3-server package

apt-get install dhcp3-server

Manual Static Address

The first step is to make sure that your internal network functions. You should setup your second Ethernet wired or wireless card and set its IP address to something like "192.168.10.1″ via `ifconfig` utility as follows:

ifconfig eth1 192.168.10.1 netmask 255.255.255.0

Automatic Static Address

This setup will be forgotten after a reboot, its better to add these lines to /etc/network/interfaces (replacing any previous declarations of eth1):

nano -w /etc/network/interfaces
    # The extended interfaces
    auto eth1
    iface eth1 inet static
        address 192.168.10.1
        netmask 255.255.255.0

Testing Static Configuratiom

Check if the previous command worked by typing the following:

ifconfig

The result will look like this

    ifconfig
    eth0 Link encap:Ethernet HWaddr 00:0C:6E:8A:BD:ED
    inet addr:192.168.1.64 Bcast:192.168.1.255 Mask:255.255.255.0
    inet6 addr: fe80::20c:6eff:fe8a:bded/64 Scope:Link
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:80071 errors:0 dropped:0 overruns:0 frame:0
    TX packets:44847 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:119404142 (113.8 MB) TX bytes:3332468 (3.1 MB)
    Interrupt:20
    eth1 Link encap:Ethernet HWaddr 00:20:18:3A:4E:AE
    inet addr:192.168.10.1 Bcast:192.168.10.255 Mask:255.255.255.0
    inet6 addr: fe80::220:18ff:fe3a:4eae/64 Scope:Link
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:2092 errors:0 dropped:0 overruns:0 frame:17
    TX packets:1998 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:158939 (155.2 KB) TX bytes:348453 (340.2 KB)
    Interrupt:16 Base address:0xa800

Assign Dynamic IP Address

Next edit the following file to add the DHCP support on eth1:

nano -w /etc/dhcp3/dhcpd.conf

To save & close the file press Ctrl+X and then Y Edit these values (add if missing)

    # The ddns-updates-style parameter controls whether or not the server will
    # attempt to do a DNS update when a lease is confirmed. We default to the
    # behavior of the version 2 packages (’none’, since DHCP v2 didn’t
    # have support for DDNS.)
    ddns-update-style ad-hoc;

    # option definitions common to all supported networks…
    option subnet-mask 255.255.255.0;
    option broadcast-address 192.168.10.255;
    option routers 192.168.10.1;
    option domain-name SOMENAME;
    option domain-name-servers 192.168.10.1;

    default-lease-time 600;
    max-lease-time 7200;

    # If this DHCP server is the official DHCP server for the local
    # network, the authoritative directive should be uncommented.
    authoritative;

    subnet 192.168.10.0 netmask 255.255.255.0 {
    range 192.168.10.10 192.168.10.100;
    }

Explanation: eth1 has the IP address 192.168.10.1 and the dhcp server now uses it as its home ip address.

Assign Network Card

One more thing needs to be configured before we can run the DHCP server Open the file /etc/default/dhcp3-server

nano -w /etc/default/dhcp3-server
    # Defaults for dhcp initscript
    # sourced by /etc/init.d/dhcp
    # installed at /etc/default/dhcp3-server by the maintainer scripts
    #
    # This is a POSIX shell fragment
    #
    # On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
    # Separate multiple interfaces with spaces, e.g. "eth0 eth1″.
    INTERFACES="eth1″

Explanation: Like the comment it the file says we are specifying the network card which must be used to handle dhcp requests Finally the setup is done!

Start DHCP server

So lets run the DHCP server with:

/etc/init.d/dhcp3-server start
    * Starting DHCP server dhcpd3
    done.

If it report fails then look at the error log file ($ less /var/log/syslog and press END to view the last events)

Testing Clients

Ping Client

Now you can test the connection to the server from any client connected to the server by:

 
ping 192.168.10.1 

(to check if you can see the server)

Restart Client DHCP

Assuming your client is an linux OS you may need to reset the network card to obtain a new IP address

sudo dhclient eth0 

(where eth0 is the ethernet port used by the client) The last command is to get DHCP information from the server to the client, which will be reported in the following manner:

sudo dhclient eth0
    Internet Systems Consortium DHCP Client V3.0.5
    Copyright 2004-2006 Internet Systems Consortium.
    All rights reserved.
    For info, please visit http://www.isc.org/sw/dhcp/
    Listening on LPF/eth0/00:0c:6e:8a:bd:ed
    Sending on LPF/eth0/00:0c:6e:8a:bd:ed
    Sending on Socket/fallback
    DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 4
    DHCPOFFER from 192.168.10.1
    DHCPREQUEST on eth0 to 255.255.255.255 port 67
    DHCPACK from 192.168.10.1
    bound to 192.168.10.64  renewal in 41658 seconds.

Now that we have a connection to the server we want to have internet on the client pc. The internet connection of the server needs to be shared with the clients. The actual sharing component in Linux is done via the firewall (iptables or ipchains depending on the Kernel version)

Firewall Configuration

Enable Forwarding

First enable forwarding of the ipv4 layer

nano -w /etc/sysctl.conf

Edit or add this line to `sysctl.conf`

net.ipv4.conf.default.forwarding=1

To enable forwarding without reboot

echo 1 > /proc/sys/net/ipv4/ip_forward 

Enable NAT

Add a firewall rule to enable packet forwarding

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE 

(the forwarding) This configuration will be lost on a reboot so we need to save it.

iptables-save > /etc/iptables.rules

Load Firewall Rule

To load our new firewall rule on a reboot.

nano -w /etc/network/interfaces

replacing any previous declarations of eth0

    # The extended interfaces
    auto eth0
    iface eth0 inet dhcp
         pre-up iptables-restore < /etc/iptables.rules
         post-down iptables-restore < /etc/iptables.rules

Interfaces Config File

The complete file `/etc/network/interfaces` should look like this after all the modifications we applied:

    # This file describes the network interfaces available on your system
    # and how to activate them. For more information, see interfaces(5).

    # The loopback network interface
    auto lo
    iface lo inet loopback

    # The primary network interface
    auto eth0
    iface eth0 inet dhcp
         pre-up iptables-restore < /etc/iptables.rules
         post-down iptables-save > /etc/iptables.rules

    # The extended interfaces
    auto eth1
    iface eth1 inet static
         address 192.168.10.1
         netmask 255.255.255.0

Special Note

Never do:

apt-get remove ipmasq

Its a stupid thing we learned during testing, this will result in a LOT of malfunctions, so make sure you don’t do stupid things like we did! We tested all of this on a fresh install of Gutsy Server that is fully updated on Feb 20 2008.

Reference

http://wiki.steenbe.nl/?p=29#more-29

Authors

steenbe.nl